actions / attest-sbomLinks
Action for generating SBOM attestations for workflow artifacts
☆31Updated this week
Alternatives and similar repositories for attest-sbom
Users that are interested in attest-sbom are comparing it to the libraries listed below
Sorting:
- A GitHub Action used for publishing an Action to ghcr.io as an OCI container.☆87Updated 6 months ago
- Action for generating attestations for workflow artifacts☆50Updated this week
- ☆16Updated 3 months ago
- Find license compliance and security issues in your applications with FOSSA and GitHub Actions.☆53Updated this week
- An Action for printing OIDC claims in GitHub Actions.☆94Updated 2 months ago
- Simplify OpenSSF Scorecard tracking in your organization with automated markdown and JSON reports, plus optional GitHub issue alerts☆35Updated 2 weeks ago
- GitHub Action to enable automated security updates and open a issue/PR in repos in an org that have dependency files but no dependabot.ya…☆201Updated this week
- A GitHub Action to suggest removal of non-organization members from CODEOWNERS files☆135Updated this week
- Github Action implementation of SLSA Provenance Generation☆48Updated last week
- GitHub Action to check PRs for signed commits☆54Updated 10 months ago
- A Github Action to ensure that actions are pinned to full length commit SHAs☆46Updated 2 weeks ago
- ☆50Updated last week
- Generate SBOMs with gh CLI☆185Updated last month
- Lock Action to support deployment locking for the branch-deploy Action☆42Updated 2 weeks ago
- ☆42Updated 7 months ago
- Github action that turns your reusable workflows and custom actions into easy to read markdown tables.☆50Updated 2 months ago
- Reusable workflows for developing actions☆68Updated last month
- Sets up Open Policy Agent CLI in your GitHub Actions workflow.☆50Updated last year
- The containerbase project's base image source☆43Updated this week
- Run tfsec with reviewdog on pull requests to enforce security best practices☆75Updated last week
- Official GitHub Action for OpenSSF Scorecard.☆307Updated this week
- [GitHub] A Command Line ToolKit for GitHub Security Alert.☆27Updated 6 months ago
- GitHub token permissions Monitor and Advisor actions☆293Updated last week
- GitHub Actions for renovate-config-validator☆26Updated this week
- GitHub Action that given an organization or repository, produces information about the contributors over the specified time period.☆122Updated this week
- GitHub CLI Extension to run GitHub actions locally using nektos/act☆68Updated 2 months ago
- Purpose-built security agent for hosted runners☆36Updated 2 weeks ago
- Run hadolint with reviewdog 🐶☆53Updated last month
- Run shellcheck with reviewdog☆109Updated last month
- Log monitor for Rekor to verify immutability and monitor entries☆34Updated this week